A4: Reflections on Nashville Christmas Day Bombing   
Ray Holloman, NCA Healthcare
On Christmas Day 2020, Nashville was struck by a bombing that took down phone service, Internet, and televisions throughout multiple states. This bombing showed what many of us in the industry already know: our telecommunications systems do not have the level of redundancy that would be expected for how highly available these systems should be. Many people exclaimed that something should be done, but they have not been forced to actually make a change. Even the systems/applications that had built redundancy went down during this outage. In this presentation, will take a look at how different organizations responded during this event and the aftermath. Also, gain insights into how to help your organization be better prepared for this type of event. We will be asking questions, such as: How do you let your employees know an event has happened if you can’t reach them? How do you access your plans if there is no Internet and your plans are in the cloud? Have you even thought about losing your main internet provider and what would you do? What do you do if you have no access and need to communicate with others, such as emergency services?

B9: Planning for Protests and Civil Unrest – Case Studies and Lessons Learned
Suzanne Bernier, SB Consulting
The emerging threat of protests, riots, and civil unrest during mass gatherings has become a disturbing reality across the globe. This session will highlight the various types of threats to critical infrastructure that could occur during mass gatherings and the types of plans that should be in place to mitigate and respond to civil disturbances. During this session attendees will be presented lessons learned from recent protests/civil disturbances that have occurred around the globe. The learning objectives of this session include:
– How to identify various types of threats to critical infrastructure that could occur during mass gatherings
– And how to develop mitigation and response plans in advance of possible protests and civil unrest that could threaten critical infrastructure.

C15: How to Enhance the Effectiveness of Third-Party Risk Management
Mike Jennings, Infinite Blue
Learn how your organization can enhance the effectiveness of third-party risk management. Regulations are growing more complex as leaders face increasing difficulty determining and managing risks that could cause severe impact to your organization. This session will cover the struggles and solutions business continuity, resiliency, information technology, and compliance leaders face when determining third-party risk.


D6: Enhancing Agility Through Consequence Based Risk Analysis
Jay Johnson, Mayo Clinic

We all use scenarios to build context for planning, training, and education. The challenge is that the variability of scenarios makes it very difficult (if not impossible) to provide detailed plans for everything that we could face. We also know that the consequences of events and emergencies have a lot of overlap. What we have done is work from the consequence perspective to build foundational plans that allow our teams to begin response with processes that support their needs in many scenarios and facilitate graceful transition into more detailed efforts.